Share

Today Appthority released its Q2 2016 Enterprise Mobile Threat Report which shows a changing landscape with respect to two big players in enterprise mobility Specifically, we looked at the state of security in the Apple App Store and at a new initiative from Google, Android for Work.

As in our Q1 Enterprise Mobile Threat Report, we found the once safe Apple Store continues to be compromised with new breaches, bringing an end to the era of absolute trust in iOS and the protection of the App Store vetting process. We provide details on the latest iOS breaches, JSPatch and AceDeciever.

Meanwhile Google, seeing the need to enhance Android security in order to expand share in the enterprise, is taking steps to improve its security posture with a new enterprise toolset. We offer a review of Android for Work, assessing its comprehensiveness in addressing Android security for enterprises.

Report Highlights

Apple App Store Remains Insecure

JS Patch and AceDeciever are just the latest breaches showing why the Apple App Store can no longer be considered immune to security vulnerabilities

1 out of every 153 enterprise mobile devices, had at least one app containing the JSPatch framework

The AceDeceiver trojan app, available in the App Store for over two months, was mostly seen in China but was also found on enterprise devices in North America and Europe

Enterprises need to take extra precautions to protect devices, data and privacy

Android for Work Improves Android Security Posture in the Enterprise

Work and Personal Profiles separate work and personal apps and data

VPN and device security options bolster data and device security

Verify Apps feature, when enabled, addresses malware, but not total app risk

App reputation or app risk management still required for visibility into which apps are safe